Can't set static IPs

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • alex_laco
    Junior Member
    • Oct 2024
    • 1

    Can't set static IPs

    Hey guys,

    I have a slight, specific problem with my OpenVPN server. I'm running the OpenVPN server on Ubuntu 22.04. The basic setup works very well, clients connect, and the server is okay.

    My plan is to configure the server for different subnets like "10.8.0.x" for the server, "10.8.1.x" for clients, and "10.8.2.x" for devices.

    But the problem starts when I try to set a static IP for each client. I followed the steps on various internet forums.

    The client successfully connects, but I can't even ping the server (10.8.0.1). However, when I delete the "/etc/openvpn/ccd/client1" file, I get a normal "random" IP, and everything works fine. After that, I can normally ping the server.

    Where could the problem be in my server setup? I've opened every port and enabled port forwarding.

    Thank you

    Here are some confs and log from server.

    I create client name file in "/etc/openvpn/ccd/client" with code:
    Code:
    ifconfig-push 10.8.1.5 192.168.1.6
    iroute 10.8.1.0 255.255.255.0
    And then this is my server.conf
    Code:
    port 1194
    proto udp
    dev tun
    ca ca.crt
    cert amicus-vpn.crt
    key amicus-vpn.key
    dh dh.pem
    topology subnet
    server 10.8.0.0 255.255.252.0
    ifconfig-pool-persist var/log/openvpn/ipp.txt
    client-config-dir ccd
    push "route 10.8.0.0 255.255.255.0"
    push "route 10.8.1.0 255.255.255.0"
    route 10.8.0.0 255.255.255.0
    route 10.8.1.0 255.255.255.0
    keepalive 10 120
    tls-auth ta.key 0
    cipher AES-128-GCM
    data-ciphers AES-128-GCM
    auth SHA256
    persist-key
    persist-tun
    verb 3
    explicit-exit-notify 1
    And this is my client config:
    Code:
    client
    dev tun
    proto udp
    remote xxx.xxx.xxx.xxx 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca ca.crt
    cert client.crt
    key client.key
    remote-cert-tls server
    tls-auth ta.key 1
    cipher AES-128-GCM
    data-ciphers AES-128-GCM
    auth SHA256
    verb 3
    
    <ca>
    -----BEGIN CERTIFICATE-----
    x
    -----END CERTIFICATE-----
    </ca>
    
    <cert>
    -----BEGIN CERTIFICATE-----
    x
    -----END CERTIFICATE-----
    </cert>
    
    <key>
    -----BEGIN PRIVATE KEY-----
    x
    -----END PRIVATE KEY-----
    </key>
    
    <tls-auth>
    -----BEGIN OpenVPN Static key V1-----
    x
    -----END OpenVPN Static key V1-----
    </tls-auth>
    This is log from server when I start it and connect user
    Link because its too long for post
    HTML Code:
    https://pastebin.com/psxCS6Ur
  • RemoteOne
    Junior Member
    • Dec 2024
    • 6

    #2
    You can use the option for persistent IPs to record/re-assign the same IP to clients. It doesn't necessarily allow you to pre-assign the IPs - but it will keep them consistent. Having said that, if you pre-populate the file before the first client connection, you can probably pre-assign the IPs as you prefer.

    In the Server config file.

    ifconfig-pool-persist myClientIPs.txt

    will update the file myClientIPs.txt in the /etc/openvpn/server folder as each new client connects. It will re-load the existing list at startup each time. I cannot recall if you need to manually create the file to begin with but I don't believe you do - just ensure the permissions are good.

    File contents will look like

    DELL10x64.whateverdomain.cc,10.8.1.2,
    ANOTHER-PC.whateverdomain.cc,10.8.1.3,
    DESKTOP-STANDALONE,10.8.1.4,

    Comment

    Working...
    😀
    😂
    🥰
    😘
    🤢
    😎
    😞
    😡
    👍
    👎